Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/_VgEj51BJ8TTR-7z-x7xdhnLzII.roa
File: _VgEj51BJ8TTR-7z-x7xdhnLzII.roa (raw, json)
Hash identifier: fhHj5vS3yAQMZGrfKMiUUKNzj8ilqRRKkUhLptwuzkY=
Subject key identifier: FD:58:04:8F:9D:41:27:C4:D3:47:EE:F3:FB:1E:F1:76:19:CB:CC:82
Certificate issuer: /CN=16055801b775e774306321455fd463fbd9273c4c
Certificate serial: 01971846AE9EB6E09842C4D5F6F8D0F42038
Authority key identifier: 16:05:58:01:B7:75:E7:74:30:63:21:45:5F:D4:63:FB:D9:27:3C:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/_VgEj51BJ8TTR-7z-x7xdhnLzII.roa
Signing time: Wed 28 May 2025 19:02:54 +0000
ROA not before: Wed 28 May 2025 19:02:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 144.56.20.0/24 maxlen: 24
144.56.34.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 04 Jun 2025 09:16:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:18:46:ae:9e:b6:e0:98:42:c4:d5:f6:f8:d0:f4:20:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=16055801b775e774306321455fd463fbd9273c4c
Validity
Not Before: May 28 19:02:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fd58048f9d4127c4d347eef3fb1ef17619cbcc82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:e8:28:f4:d1:2c:f4:07:89:db:b3:69:64:17:
6c:ea:16:b4:5b:36:2e:1d:5f:34:08:2d:74:18:ae:
85:21:ef:4f:2d:fd:a8:06:31:73:c7:82:50:af:04:
aa:4d:09:41:19:74:ae:a2:2c:ec:05:6a:4f:96:60:
83:9f:96:d4:d6:8d:68:f2:95:97:a2:48:fa:84:e9:
6c:7f:bd:d3:78:e4:be:4b:95:04:6d:a8:98:cc:82:
12:b6:a5:e2:4c:86:d2:ab:9e:3d:bf:00:13:60:e8:
12:22:95:1d:f0:6c:60:c5:53:74:89:dc:90:bc:ad:
ba:c7:24:44:42:53:6b:7d:c2:0e:d6:bd:3c:00:50:
73:d5:e2:23:20:96:7f:78:fb:91:32:cf:7c:a0:14:
e3:de:10:51:6f:e7:8e:90:79:53:ff:99:d3:d9:94:
03:86:5c:28:96:a5:d7:fc:59:8d:9b:da:88:68:f6:
c8:1e:d7:7d:87:cb:e4:fd:f9:95:c4:39:d8:5d:7e:
79:53:2c:f0:a0:bb:8c:8e:01:d3:c8:a0:16:2d:20:
70:74:e2:bb:d2:34:34:cc:e3:65:2f:c7:93:6f:de:
03:42:fe:74:ee:44:35:05:12:62:35:c2:e4:66:8b:
fc:77:66:f6:a4:9f:c9:f7:0f:dc:d9:af:23:ba:27:
b6:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:58:04:8F:9D:41:27:C4:D3:47:EE:F3:FB:1E:F1:76:19:CB:CC:82
X509v3 Authority Key Identifier:
keyid:16:05:58:01:B7:75:E7:74:30:63:21:45:5F:D4:63:FB:D9:27:3C:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/_VgEj51BJ8TTR-7z-x7xdhnLzII.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.56.20.0/24
144.56.34.0/24
Signature Algorithm: sha256WithRSAEncryption
54:77:4a:ac:3f:38:38:23:6a:b9:1d:c9:29:e8:62:3d:7c:9c:
c6:46:c2:fa:88:62:5c:dd:ae:23:16:66:ef:44:1b:bd:b9:80:
ec:42:18:7e:b3:06:54:22:24:d3:8f:fa:4a:58:64:df:c7:78:
b4:a4:19:a3:0f:fc:e0:95:a7:64:7a:de:dd:c3:31:43:9c:1f:
b5:cb:2d:19:4e:7a:b5:76:c0:3d:13:83:7e:61:5c:87:98:c8:
47:c9:27:22:18:9b:e5:ab:53:5b:63:99:16:9c:54:93:69:a6:
20:43:19:8c:d2:dd:56:7b:49:36:31:67:ce:de:f3:7a:58:5e:
58:a7:c1:a6:a1:13:06:73:e9:e5:6b:4c:5e:6e:97:39:8b:39:
0d:f9:90:06:ab:9a:76:99:c2:5b:b9:42:60:27:61:b1:07:0e:
7a:85:85:04:b1:31:35:31:e9:d3:eb:bd:3a:42:5a:81:b7:71:
25:07:61:13:fe:0f:dc:e8:c3:2b:e7:40:5f:da:9b:57:d9:4a:
83:63:68:dc:1d:76:22:fb:03:60:68:be:84:31:00:71:aa:6c:
da:4a:14:53:ae:42:81:d0:43:79:51:b7:ef:1f:91:da:5c:e1:
7e:be:6f:d9:6d:0f:ac:5b:d0:a1:cd:bd:20:89:21:fd:8d:e1:
41:af:3e:d6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZcYRq6etuCYQsTV9vjQ9CA4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2MDU1ODAxYjc3NWU3NzQzMDYzMjE0NTVmZDQ2M2ZiZDky
NzNjNGMwHhcNMjUwNTI4MTkwMjU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDU4MDQ4ZjlkNDEyN2M0ZDM0N2VlZjNmYjFlZjE3NjE5Y2JjYzgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiugo9NEs9AeJ27NpZBds6ha0WzYu
HV80CC10GK6FIe9PLf2oBjFzx4JQrwSqTQlBGXSuoizsBWpPlmCDn5bU1o1o8pWX
okj6hOlsf73TeOS+S5UEbaiYzIIStqXiTIbSq549vwATYOgSIpUd8GxgxVN0idyQ
vK26xyREQlNrfcIO1r08AFBz1eIjIJZ/ePuRMs98oBTj3hBRb+eOkHlT/5nT2ZQD
hlwolqXX/FmNm9qIaPbIHtd9h8vk/fmVxDnYXX55UyzwoLuMjgHTyKAWLSBwdOK7
0jQ0zONlL8eTb94DQv507kQ1BRJiNcLkZov8d2b2pJ/J9w/c2a8juie2NwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFP1YBI+dQSfE00fu8/se8XYZy8yCMB8GA1UdIwQY
MBaAFBYFWAG3ded0MGMhRV/UY/vZJzxMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmdWWUFiZDE1M1F3WXlGRlg5UmotOWtuUEV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9mMDM0MGItMzMwZS00NWQ3LWJlNTgt
MTM1NzE3ZWYzODhhLzEvX1ZnRWo1MUJKOFRUUi03ei14N3hkaG5MeklJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9mMDM0MGItMzMwZS00NWQ3LWJlNTgtMTM1NzE3ZWYzODhh
LzEvRmdWWUFiZDE1M1F3WXlGRlg5UmotOWtuUEV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAkDgUAwQA
kDgiMA0GCSqGSIb3DQEBCwUAA4IBAQBUd0qsPzg4I2q5Hckp6GI9fJzGRsL6iGJc
3a4jFmbvRBu9uYDsQhh+swZUIiTTj/pKWGTfx3i0pBmjD/zgladket7dwzFDnB+1
yy0ZTnq1dsA9E4N+YVyHmMhHySciGJvlq1NbY5kWnFSTaaYgQxmM0t1We0k2MWfO
3vN6WF5Yp8GmoRMGc+nla0xebpc5izkN+ZAGq5p2mcJbuUJgJ2GxBw56hYUEsTE1
MenT6706QlqBt3ElB2ET/g/c6MMr50Bf2ptX2UqDY2jcHXYi+wNgaL6EMQBxqmza
ShRTrkKB0EN5UbfvH5HaXOF+vm/ZbQ+sW9Chzb0giSH9jeFBrz7W
-----END CERTIFICATE-----
Generated at Wed Jun 11 21:24:51 2025 by rpki-client